Colin Charles is the Chief Evangelist at Percona. He was previously on the founding team of MariaDB Server in 2009, and had worked at MySQL since 2005, and been a MySQL user since 2000. Before joining MySQL, he worked actively on the Fedora and OpenOffice.org projects. He's well known within open source communities in APAC, and has spoken at many conferences.
This tutorial provides a detailed roadmap for defining and implementing appropriate MySQL security for your data center and cloud environments. It will help you understand the options for and capabilities of authentication, encryption, key management and auditing in MySQL/Percona Server for MySQL/MariaDB/RDS and their variants.
This talk covers:
- A security primer
- The available ANSI and MySQL constructs
- The evolution of defaults in MySQL Versions
- Basic security hardening
- Reviewing authentication modules
- Better/Stronger/Harder passwords
- Encryption options for variants Percona Server for MySQL, MariaDB, MySQL Enterprise including LUKS, ezcrypt, gazzang
- Key management options
- Practical OS security (user accounts, sudo, iptables/ufw, SELinux/AppArmor)
- Why auditing is important
- Understanding the role of clouds, containers and compliance